Passkeys are a secure, phishing-resistant way to sign in without typing a password. KeyPass Authenticator supports passkeys on iPhone and iPad running iOS 17 or later through the KeyPass Authenticator Autofill extension—so you can save and use passkeys when websites and apps offer them.
Note
You cannot create a passkey manually from a “+” button inside the KeyPass Authenticator vault. Passkeys are created only when a supported website or app prompts you to register one and you choose KeyPass Authenticator as your credential provider.
How to add a Passkey?
Follow these steps to create and save a passkey with KeyPass Authenticator Autofill. Your passkey will appear in the Passkeys category in your vault.
Step 1: Enable KeyPass Authenticator Autofill
- Open the Settings app on your iPhone or iPad.
- Go to Passwords → Password Options.
- Turn on AutoFill Passwords.
- Under Allow Filling From, select KeyPass Authenticator.
Note
The path is Settings → Passwords → Password Options → AutoFill Passwords. You can also reach these settings from KeyPass Authenticator → Settings → Autofill.
Step 2: Create a passkey on a supported website or app
- Open a passkey-supported website in Safari, or open a native app that supports passkeys.
- Start the sign-up or account security flow where the site offers to create a passkey.
- When iOS shows the credential provider picker, continue to Step 3.
Important
KeyPass Authenticator does not support creating passkeys from inside the vault. The site or app must initiate passkey registration.
Step 3: Choose KeyPass Authenticator when iOS asks where to save
- When iOS asks where to save the passkey, select KeyPass Authenticator.
- Authenticate if prompted—KeyPass Authenticator may ask for Face ID, Touch ID, your PIN, or your master password (if enabled).
Step 4: Confirm in the KeyPass Authenticator extension
The KeyPass Authenticator Autofill extension opens a Create Passkey screen.
- Review the Title (editable) and Username (provided by the site).
- Choose an action:
- New passkey: Tap Create New Item.
- Passkey already exists for the same username and site: choose Update or Create New Passkey.
KeyPass Authenticator stores passkey details (title, username, site/relying party, credential ID, user handle) in your vault. The private key is stored in the device Keychain and does not leave your device.
Step 5: Verify in the KeyPass Authenticator app
- Open KeyPass Authenticator and unlock your vault.
- Go to the Passkeys category.
- Confirm your new passkey appears with its username, website/relying party, creation device, and created date.
If you have no passkeys yet, you will see: “No passkeys yet” and “Save and manage your passkeys securely with KeyPass Authenticator Autofill.”
Before you begin
Make sure you have everything ready:
- iOS 17 or later on your iPhone or iPad
- KeyPass Authenticator installed and your vault unlocked
- KeyPass Authenticator set as your Autofill provider (see Step 1)
- A website or app that supports passkeys
Tip
You can open Autofill settings from KeyPass Authenticator → Settings → Autofill, which takes you directly to the iOS password and autofill settings.
How to sign in with a saved passkey
- On a passkey-supported website or app, choose Sign in with a passkey (or similar).
- When iOS prompts for a credential provider, select KeyPass Authenticator.
- Authenticate if required (Face ID, Touch ID, PIN, or master password).
- KeyPass Authenticator completes sign-in through Autofill.
Tip
The website domain must match the relying party saved with your passkey.
Manage your passkeys
In KeyPass Authenticator, open Vault → Passkeys to:
- View username, website/relying party, creation device, and created date
- Edit the passkey title (website label)
- Delete a passkey you no longer need
Using passkeys after backup or on a new device
Important
Backups and vault restores include passkey information (title, username, site, credential ID, user handle) but not the private key. Private keys stay in the device Keychain and are not included in backups.
After you restore your vault or set up KeyPass Authenticator on a new device:
- Passkeys may appear in your KeyPass Authenticator vault, but they will not autofill until you sign in to each site and register the passkey again on that device.
- The same applies when moving to another device: restore your vault, then re-register passkeys per site.
Passkeys do not sync across devices like traditional passwords. Each device needs its own registered passkey for autofill to work.
Troubleshooting
- Autofill is off — Turn on AutoFill Passwords in Settings → Passwords → Password Options and select KeyPass Authenticator.
- Wrong provider selected — Make sure KeyPass Authenticator is checked under Allow Filling From, not only iCloud Keychain or another app.
- iOS version too old — Passkeys require iOS 17 or later.
- Site does not support passkeys — KeyPass Authenticator can only save passkeys when the website or app offers passkey registration.
- Authentication failed — Unlock KeyPass Authenticator and complete Face ID, Touch ID, PIN, or master password when the extension asks.
- Domain mismatch — The site you are signing into must match the relying party/domain saved with the passkey.
- Passkey visible but won’t sign in — After a backup, restore, or device change, re-register the passkey on that site from the new device.
Security notes
- Private keys never leave the device Keychain.
- Passkeys are phishing-resistant compared to traditional passwords.
- Protect your KeyPass Authenticator vault with a master password, Face ID/Touch ID, PIN, and auto-lock settings.
Need more help?
Contact KeyPass Authenticator support:
Email: support@navynexa.com
Website: https://www.navynexa.com
KeyPass Authenticator is developed by Navynexa Technologies LLP